<?php 
include_once 'function.php';
// Access gate: every branch below reads $_SESSION['id'], so a visitor without one is sent
// back to the site root and the script stops before any query runs.
// NOTE(review): no session_start() is visible in this file; presumably function.php does it.
if (false === isset($_SESSION['id'])) {
	header('Location:/');
	exit;
}
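// Request dispatcher for the charge page, selected by the "f" query parameter:
//   f=1  redeem a one-time charge code posted as "code"
//   f=2  load the signed-in account's payment history into $history
// The loose == comparisons are kept on purpose: the template further down repeats them, and
// both places must accept exactly the same values or $history/$error would not line up.
if (isset($_GET['f']))
{
	if (1 == $_GET['f'])
	{// charge
		// NOTE(review): nothing here checks an anti-CSRF token or limits repeated guesses of
		// charge codes; confirm whether function.php or the web server covers that.
		if (isset($_POST['code']) && !empty($_POST['code']))
		{
			$conn = conn();
			// code[]=... arrives as an array; trim() cannot take it, so it is treated as a
			// code that matches nothing.
			$code = is_string($_POST['code']) ? trim($_POST['code']) : '';
			// ext/mysql has no placeholders, so the value is escaped for this connection.
			// NOTE(review): ext/mysql was removed in PHP 7; moving to mysqli/PDO prepared
			// statements needs conn() to change, which lives outside this file.
			$esc_code = mysql_real_escape_string($code, $conn);
			$sql = "SELECT good_id FROM charge_codes WHERE charge_code = '$esc_code'";
			$result = mysql_query($sql, $conn);
			// mysql_query() returns false on failure; never pass that to mysql_fetch_assoc().
			$row = $result ? mysql_fetch_assoc($result) : false;
			$claimed = false;
			if (isset($row['good_id']))
			{
				// The DELETE is the claim on the code. Two requests racing with the same code
				// can both pass the SELECT above, but only one of them removes the row, so the
				// credit is granted only when this request's DELETE actually deleted it.
				$sql = "DELETE FROM charge_codes WHERE charge_code = '$esc_code'";
				mysql_query($sql, $conn);
				$claimed = mysql_affected_rows($conn) > 0;
			}
			if ($claimed)
			{
				// Both ids are interpolated unquoted, so force them to integers first.
				$account_id = (int) $_SESSION['id'];
				$good_id = (int) $row['good_id'];
				$sql = "INSERT INTO pay_history(account_id, good_id) VALUES($account_id, $good_id)";
				mysql_query($sql, $conn);
				if (1 == mysql_affected_rows($conn))
				{
					// charge successfully
					echo '<!DOCTYPE HTML><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
					<meta http-equiv="Refresh" content="5;url=/" /></head>
					<body style="text-align:center;">充值成功，即将返回首页</body></html>';
					exit;
				}
				// The code is already consumed here but no credit was recorded. Leave a trace
				// for support (without the code itself) instead of failing silently.
				// NOTE(review): wrapping DELETE + INSERT in one transaction would avoid this
				// state if the tables use a transactional engine — confirm before relying on it.
				error_log('charge.php: charge code consumed but pay_history insert failed for account ' . $account_id);
			}
			else
			{
				// Unknown code, failed lookup, or a code another request redeemed first.
				$error = true;
			}
		}
	}
	elseif (2 == $_GET['f'])
	{// history
		$conn = conn();
		// Interpolated unquoted below, so force the session value to an integer first.
		$account_id = (int) $_SESSION['id'];
		$sql = "SELECT created, name good FROM pay_history JOIN goods ON good_id = goods.id WHERE account_id = $account_id";
		$result = mysql_query($sql, $conn);
		// Always defined for the template, even when the query fails.
		$history = array();
		if ($result)
		{
			while ($row = mysql_fetch_assoc($result))
			{
				$history[] = $row;
			}
		}
	}
}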

?><!DOCTYPE HTML>
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
		<link rel="stylesheet" type="text/css" media="all and (orientation:portrait)" href="/theme_p.css" />
		<link rel="stylesheet" type="text/css" media="all and (orientation:landscape)" href="/theme.css" />
	</head>
	<body>
		<div class="wrapper">
			<div class="header">
				<div class="logo"><a href="/"><?php echo SITE;?></a></div>
				<div class="clear"></div>
			</div>
			<div class="knowledge">
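				<?php
				// Page body, chosen by the same "f" values the dispatcher at the top of the file
				// handled: 1 renders the charge-code form, 2 renders the payment history.
				if (isset($_GET['f'])) {
					if (1 == $_GET['f']) {
						echo '<div class="title">使用充值密码为帐户充值：</div>';
				?>
				<p>
					<?php if (isset($error) && $error) echo '<span style="color:red">充值密码错误</span><br />'; ?>
					<?php
					// The form target is the literal f=1, not the request value echoed back: the
					// loose comparison above also accepts strings that merely start with "1", and
					// reflecting those unescaped into the attribute would let request data break
					// out of the markup.
					?>
					<form method="post" action="charge.php?f=1">
						<input type="text" name="code" value="" style="width:300px;" />
						<input type="submit" value="确定" /> <a style="margin-left:20px;" href="/charge.php?f=2">充值历史</a>
					</form>
				</p>
				<?php 
					}
					elseif (2 == $_GET['f']) {
						echo '<div class="title">充值历史记录：</div>';
						if (count($history) > 0)
						{
				?>
				<ul class="knowledge_table">
					<li>
						<span class="first">充值时间</span><span class="last">有效期</span>
					</li>
				<?php 
					// The final row gets class="last"; compute its index once instead of per row.
					$last_index = count($history) - 1;
					foreach ($history as $i => $history_info)
					{
						// "good" is the goods.name column; its English month/year words are
						// swapped for the Chinese units. Both database values are HTML-encoded on
						// output so stored text can never be interpreted as markup.
						$good_label = preg_replace('/years?/', '年', preg_replace('/months?/', '个月', $history_info['good']));
						echo '<li', ($i == $last_index ? ' class="last"' : ''), '>
							<span class="first">', htmlspecialchars($history_info['created'], ENT_QUOTES, 'UTF-8'), '</span><span class="last">',
							htmlspecialchars($good_label, ENT_QUOTES, 'UTF-8'), '</span>
						</li>';
					}
				?>
				</ul>
				<?php
						}
						else 
						{
							echo '<p>您没有充过值</p>';
						}
						echo '<br /><a href="/charge.php?f=1">使用充值密码</a>';
					}
				}?>				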
			</div>

			<div class="footer">
				<a href="payment.php">支付方式</a>
				<a href="price.php">服务价格</a>
				<a href="contact.php">联系我们</a><br /><br />
				&copy; <?php echo SITE.' '.date('Y');?>
			</div>
		</div>
	</body>
</html>